Re: Why there are 35 policies assigned to newly created group?

For each point product extension that you check in (such as VSE, ENS, Drive Encryption, etc), that extension is what adds the point product policies. By default, to manage the systems, the default policies for each point product is assigned at the my organization level. This is as designed so that when the agent checks into epo, it has some policy to use for each point product. You cannot delete that default assignment - it is there on purpose so each point product immediately is in a managed state when the agent checks in.

When you set up your system tree in groups, you then can go to each group, assigned policies, then choose the point product you want to look at for policies. You don't need to see all products at once. For each point product, there may be one or more policies due to different categories, such as access protection, on access scanning, etc. For each policy category you want to change for that particular group, click on edit assignment, break inheritance, and choose the policy you want assigned.

You can change what policies are assigned at the my organization level by following the same process.

Was my reply helpful?If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Why there are 35 policies assigned to newly created group?

Where are you seeing 35 policies assigned to a group? Do you have the filter set to show all product policies? When you create a new group, they will receive the policies for each point product that are assigned at the my organization level unless you break inheritance at that group and assign it a different policy. Most all products can only have one policy per product and category at a time, so you should not be seeing multiple point product policies assigned.

Was my reply helpful?If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Why there are 35 policies assigned to newly created group?

The new group will be inheriting policy from the root of the system tree (The 'my organization' level).

In the ePO/MA product guides there are sections that discuss the use of Inheritance, and more importantly the 'break inheritance' option in MA policy to allow a device, or group to effectively ignore policy from an upper level and use only the policy defined to the group or device level.

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Why there are 35 policies assigned to newly created group?

You are looking at this all wrong. You will always have policies assigned at the global root for each product. You can't have a product installed with its extensions and not have a policy assigned, that is the way epo works. If you choose the drop down for each particular product, you will see only a few policies for that product. When you click on edit assignment at the group level, you can then break inheritance and assign it whatever policies you want. But they will always have by default the McAfee default policies assigned unless you change that.

As for tasks, you would go to the assigned client tasks tab, new client task assignment and choose a task you have already created, or create new. You might want to refer to the product guide for guidance on setting things up the way you want them to be.

Was my reply helpful?If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Why there are 35 policies assigned to newly created group?

Policies are merely settings that control the behavior of the software. For deploying products, those are tasks, not policies. If you go to the main menu, client task catalog, go to the mcafee agent, deployment. Then create a task that will push out the desired software. Next, go to the system tree, desired group, click on assigned client tasks, then new task assignment. Choose McAfee agent, deployment as type and then choose the task you created and set it to push out on desired schedule.

Was my reply helpful?If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Why there are 35 policies assigned to newly created group?

For each point product extension that you check in (such as VSE, ENS, Drive Encryption, etc), that extension is what adds the point product policies. By default, to manage the systems, the default policies for each point product is assigned at the my organization level. This is as designed so that when the agent checks into epo, it has some policy to use for each point product. You cannot delete that default assignment - it is there on purpose so each point product immediately is in a managed state when the agent checks in.

When you set up your system tree in groups, you then can go to each group, assigned policies, then choose the point product you want to look at for policies. You don't need to see all products at once. For each point product, there may be one or more policies due to different categories, such as access protection, on access scanning, etc. For each policy category you want to change for that particular group, click on edit assignment, break inheritance, and choose the policy you want assigned.

You can change what policies are assigned at the my organization level by following the same process.

Was my reply helpful?If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Check out the new ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.